
Vulnerability Change Records for CVE-2024-3658

Change History

CVE Rejected by Wordfence 5/28/2024 11:15:09 AM

Action Type Old Value New Value

CVE Modified by Wordfence 5/28/2024 11:15:09 AM

Action Type Old Value New Value

Removed CVSS V3.1
  Old value: Wordfence AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, Critical)
  New value: (none)

Changed Description
  Old value: The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.21. This is due to missing authentication checking in the 'set_user_cart' function with the 'user_id' header value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.
  New value: Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-51478. Reason: This candidate is a reservation duplicate of CVE-2023-51478. Notes: All CVE users should reference CVE-2023-51478 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Removed Reference
  Old value: Wordfence https://plugins.trac.wordpress.org/browser/build-app-online/tags/1.0.21/public/class-build-app-online-public.php#L814
  New value: (none)

Removed Reference
  Old value: Wordfence https://www.wordfence.com/threat-intel/vulnerabilities/id/65d423ad-da51-4616-860d-2b9354d44147?source=cve
  New value: (none)

CVE Translated by Wordfence 5/28/2024 11:15:09 AM

Action Type Old Value New Value

Removed Translation (Spanish)
  Old value:
  Title: The Build App Online plugin for WordPress
  Description: The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to and including 1.0.21. This is due to a missing authentication check in the 'set_user_cart' function with the 'user_id' header value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user ID.
  New value: (none)
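The flaw the removed description records, an endpoint that reads a 'user_id' header and establishes a session for that user without checking who is calling, is the general pattern below. This is an added illustration, not code from the Build App Online plugin (whose source at the removed trac reference is not reproduced on this page); the route names, the rest_api_init registration, the 'example_cart' meta key and the function names are assumptions. The vulnerable shape sits beside a hardened one that takes the acting user from WordPress's own authentication of the request and rejects anonymous callers before the handler runs.

```php
<?php
// Added illustration of the pattern in the CVE description; not code from
// the Build App Online plugin. Route, hook, meta key and function names are
// assumptions made for this example.

// VULNERABLE shape: the user is chosen from a client-supplied header and a
// session is established for that user with no check of who is calling.
function example_vulnerable_set_user_cart( WP_REST_Request $request ) {
    $user_id = (int) $request->get_header( 'user_id' ); // attacker-controlled
    $user    = get_user_by( 'id', $user_id );
    if ( ! $user ) {
        return new WP_Error( 'no_user', 'Unknown user', array( 'status' => 404 ) );
    }
    wp_set_current_user( $user->ID );
    wp_set_auth_cookie( $user->ID );  // the caller now holds a session for $user_id
    update_user_meta( $user->ID, 'example_cart', $request->get_json_params() );
    return rest_ensure_response( array( 'ok' => true ) );
}

// HARDENED shape: the acting user comes from WordPress's own authentication
// of the request (cookie + nonce, application password, ...), never from a
// header, and no auth cookie is ever set on behalf of the caller.
function example_hardened_set_user_cart( WP_REST_Request $request ) {
    $user_id = get_current_user_id();   // 0 for anonymous callers
    if ( 0 === $user_id ) {
        return new WP_Error( 'rest_forbidden', 'Authentication required', array( 'status' => 401 ) );
    }
    update_user_meta( $user_id, 'example_cart', $request->get_json_params() );
    return rest_ensure_response( array( 'ok' => true ) );
}

add_action( 'rest_api_init', function () {
    // Weak registration: permission_callback lets anyone reach the handler.
    register_rest_route( 'example/v1', '/cart-vulnerable', array(
        'methods'             => 'POST',
        'callback'            => 'example_vulnerable_set_user_cart',
        'permission_callback' => '__return_true',
    ) );

    // Corrected registration: anonymous requests are rejected before the
    // callback runs, and the callback never trusts a client-chosen user id.
    register_rest_route( 'example/v1', '/cart', array(
        'methods'             => 'POST',
        'callback'            => 'example_hardened_set_user_cart',
        'permission_callback' => function () {
            return is_user_logged_in();
        },
    ) );
} );
```

Two practitioner notes on the hardened form. First, the WordPress REST API only honours cookie authentication when the request also carries a valid nonce (the X-WP-Nonce header or _wpnonce parameter); without it the request is treated as anonymous, get_current_user_id() returns 0 and the permission_callback fails closed, which is the behaviour you want. Second, if a feature genuinely needs to act on another user's cart, the target id may come from the request but the decision must not: gate it on a capability check such as current_user_can( 'edit_user', $target_id ) for the already-authenticated caller, and never call wp_set_auth_cookie() with an id the client supplied.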